General
Target: 4505339802563f2d27dd26e63d05442ae70ec9826983ac9dcd98797ae776269b
Size: 809KB
Sample: 221129-saqw5sac58
MD5: b14844ec7d30d892361bd82a53b71054
SHA1: 19f9fff32bfd1dc8b81ce66e52b1c62c09053deb
SHA256: 4505339802563f2d27dd26e63d05442ae70ec9826983ac9dcd98797ae776269b
SHA512: 04f527f80455300fdeca3e7656af917b54de35917ea3a9be0deb5c1e9bb8ee9749e367d89129ae2da94aafa8d5a6980ee95fd704168a2463c72ea807a1cc9c23
SSDEEP: 12288:X8EqU+l+IyRBsfz0okLefx6D92beumcAJIXq1kjjdDdzoa1cfN:sZ+nafztkLwxi9getcAJI9dDdEPf
Static task: static1
Behavioral task: behavioral1
Sample: 4505339802563f2d27dd26e63d05442ae70ec9826983ac9dcd98797ae776269b.exe
Resource: win10-20220901-en
Malware Config
Extracted
lokibot
http://sempersim.su/gm14/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: 4505339802563f2d27dd26e63d05442ae70ec9826983ac9dcd98797ae776269b
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext